You already know the endless list of security "do's and don'ts": run AV software and firewalls, lock everything down, encrypt everything, watch all your network traffic, follow checklists… But even if you're spending a fortune doing all that, you're at greater risk than ever: even the world's most security-focused organizations are being victimized by massive attacks. Something is terribly wrong. We're protecting the wrong things, damaging productivity, and making it way too hard for our people to help us.
Today, getting security right requires more than checklists; it requires careful thinking about your actual threats and technologies. That's what this book is about: how to think about security. Most security books just give you "do's and don'ts." Thinking Security tells you why, and helps you design a security architecture that truly fits your organization.
Continue reading “Thinking Security: Stopping Next Year's Hackers (Addison-Wesley Professional Computing Series)”